Opening ports for my container on my LAN

I think I’ve gotten in over my head.
I went through the lxd init and let it take all the defaults, set up an 18.04 container and I am able to access the internet (half the battle!), but this will end up being a Plex server container and I need to be able to open up the ports it needs and access it from the LAN. After reading some similar topics here I’m starting to read about something called macvlan instead of using the bridge, and I’m still reading that but I’m also getting more confused.

To give an idea of what things look like now:
router on 172.16.0.1/24 > Ubuntu server 18.04 on 172.16.0.6 (using a bond of 4 NICs in LACP if it matters any?) > lxdbr0 (not really sure what bridges are but it looks like it’s creating a separate network for me?) 10.0.0.1 > container that is getting a DHCP address of 10.0.0.235

Other devices on the network can ping the Ubuntu server, but not the container; unsure how to proceed.

UPDATE: “lxc network attach-profile bond default bond0” seems to let my container get a DHCP address on the 172.16.0.1 network like my other devices. I still have the lxdbr0 attached to it but I think I can figure out how to remove it, tbd.
UPDATE2: yupyup, “lxc network detach-profile lxdbr0 default” followed by “lxc network delete lxdbr0” completely gets rid of the lxdbr0 I set up in the lxd init step.

Hey, I hope I understand correctly what you mean:
You have your server and want to be able to access the machine behind it.
Since the bridge interface has a DHCP server included, the virtual machines behind your server will sit in a separate network.

So you could basically port forward, so that if you access the server's port, it will access the VM's port.
You could do this with the proxy command (this is dangerous when using mail servers!):
https://discuss.linuxcontainers.org/t/lxc-config-device-add-proxy-connect-tcp-10-11-12-13-80-vs-connect-tcp-127-0-0-1-80/5931
Or with iptables. Here, in this example, you will forward the traffic that arrives at your server's interface eth0 on port 443 to the VM's port 443:
iptables -t nat -A PREROUTING -i eth0 -d publicserverip -p tcp --dport 443 -j DNAT --to yourvmsip:443
Make sure you install iptables-persistent to make the iptables rules persist after the next reboot.

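The two forwarding options from the reply, applied to the original layout in the question (host 172.16.0.6, container 10.0.0.235 behind lxdbr0), as an added example that is not part of either post. It only prints the commands after validating the inputs, and it narrows both options to the LAN instead of every address. The container name `plex`, the device name `fwd32400`, TCP port 32400 (Plex's default) and `bond0` as the ingress interface are assumptions.

```shell
#!/bin/sh
# Dry run: prints the commands for review and changes nothing on the host.
# Addresses come from the thread; container name "plex", TCP port 32400
# (Plex's default) and ingress interface bond0 are assumptions.

valid_ipv4() (          # dotted quad, each octet 0-255 (runs in a subshell)
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

valid_port() {          # integer 1-65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Option 1, LXD proxy device: listen on the host's LAN address only
# (not 0.0.0.0) and connect to the service inside the container.
proxy_cmd() {           # container host_ip port
    valid_ipv4 "$2" && valid_port "$3" || return 1
    printf 'lxc config device add %s fwd%s proxy listen=tcp:%s:%s connect=tcp:127.0.0.1:%s\n' \
        "$1" "$3" "$2" "$3" "$3"
}

# Option 2, iptables: DNAT limited to sources in the LAN subnet, plus a
# FORWARD accept that matters when the FORWARD policy is DROP.
dnat_cmds() {           # iface lan_cidr host_ip container_ip port
    # The prefix length reuses valid_port (digits, >= 1) and is capped at 32.
    valid_ipv4 "${2%/*}" && valid_port "${2#*/}" && [ "${2#*/}" -le 32 ] || return 1
    valid_ipv4 "$3" && valid_ipv4 "$4" && valid_port "$5" || return 1
    printf 'iptables -t nat -A PREROUTING -i %s -s %s -d %s -p tcp --dport %s -j DNAT --to-destination %s:%s\n' \
        "$1" "$2" "$3" "$5" "$4" "$5"
    printf 'iptables -A FORWARD -i %s -s %s -d %s -p tcp --dport %s -j ACCEPT\n' \
        "$1" "$2" "$4" "$5"
}

proxy_cmd plex 172.16.0.6 32400
dnat_cmds bond0 172.16.0.0/24 172.16.0.6 10.0.0.235 32400
```

Use one option or the other, not both, since each one claims the same port on the host.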